NHS legally barred from selling patient data for commercial use

By Steven Swinford,
Senior Political Correspondent The Daily Telegraph UK

The NHS will be legally barred from selling personal medical records for insurance and commercial purposes in a new drive to protect patient privacy, the Health Secretary will announce next week.

Jeremy Hunt will unveil new laws to ensure that medical records can only be released when there is a "clear health benefit" rather than for "purely commercial" use by insurers and other companies.

Ministers will also bolster criminal sanctions for organisations which breach data protection laws by disclosing people's personal data. Under a "one strike and you're out" approach, they will be permanently banned from accessing NHS data.

The privacy drive comes after The Telegraph disclosed this week that 13 years of hospital data - covering 47million patients - was sold by the NHS for insurance purposes.

The society of actuaries which obtained the information used it to provide insurance companies with guidance on how to set their prices for critical illness cover. They advised that higher premiums could be justified for most customers below the age of 50.

The revelation came days after controversial plans to extract patient data from GP records were put on hold, amid concerns over the scheme.

In a bid to allay public concerns Mr Hunt will this week announce a series of amendments to the Care Bill.

A source close to Mr Hunt said: “The principles around this programme, which will bring real benefits to patients, are fundamentally right, and we will support them.

“But alongside a new campaign from NHS England to explain the programme to the public and GPs, we also need to ensure that robust legislation is in place to address their concerns.”

Those in charge of the NHS data programme have repeatedly insisted that it will be illegal for information extracted from GP files to be sold to insurers, who might seek to target customers or put up their prices.

However, The Telegraph disclosed on Monday that in 2012 the Institute and Faculty of Actuaries obtained the data about 47million patients for about £2,220. It used the data to help “refine” critical illness cover.

In response the government will this week enshrine in law a ban on the Health and Social Care Information Centre, the body in charge of NHS data, from releasing the information for commercial purposes.

The new legislation will also introduce new measures deter organisations which obtain NHS data from misusing it.

Under the data protection act, companies which “reckless disclose” personal information are committing a criminal offence can be fined up to £500,000.

However, MPs have raised concerns that the fines are “small change” to international corporations and will do little to deter wrongdoing.

Under the new laws, NHS data will only be released to organisations which have abided by data protection rules.

Those that have committed even one prior offence involving patient data will be barred from accessing NHS medical records indefinitely as part of a “one strike and you’re out” approach.

Companies that wish to use personal medical records will have to prove that they are doing so on an “ethical basis” which will benefit patients that they will not breach their privacy.

A source close to the Department of Health said: “For some organisations, the risk of no longer being able to access this kind of data may prove a more effective sanction than the current maximum £500,000 fine under data protection.”

Ministers will also introduce into law a legal requirement that the wishes of patients who want to opt out of the NHS database are “respected”.

Those that choose not to participate will be able to opt out over the phone and receive a legally-backed assurance that “no identifiable information” about them will enter the database.

The two bodies which advise the government on releasing information will also be given a legal basis to make them more accountable.

They will have to publish information about which organisations have received NHS data and the justification for the decision.

On Thursday Jane Ellison, the health minister, said that the new measures were necessary to restore “public confidence”.

She said that the use of NHS data had helped alert authorities to the scandal at Mid Staffordshire hospital and would help doctors fight antibiotic resistant superbugs.

She said: “It is clear that most people agree with the aims, but they have justifiable concerns about how they are being implemented.

"People want rights over how their health and care data, especially data that identify them, are being used. Safeguards will be put in place over and above what NHS England does to build public confidence.

“We know there is an enormous prize in our grasp, but we know we will win that prize only if we are very careful and thoughtful about how to proceed, taking the public with us.”

Many of the measure ministers are adopting have been proposed by George Freeman, a Conservative MP who previously worked in the biomedical industry.

Ministers are also expected to adopt several measures he has put forward in a private members bill to help empower patients.

They include scrapping fees charged by some doctors for patients to access their own medical records, and creating a duty for hospitals and GPs to share medical records with each other to ensure “joined up” patient care.

Mr Freeman said: “Without data we wouldn’t have discovered Mid Staffs or Harold Shipman. Whilst some of the objections to the NHS's plans for use of data are ill-founded and irresponsible, there are legitimate public and GP concerns which need to be addressed if we are to be able to secure public support for 'opt-out' which is essential.

"I'm delighted that the government has accepted the measures in my Bill, and our wider campaign, and agreed to adopt them in legislation”

* The head of the NHS has apologised for posting a spoof video mocking the under-fire health service data-sharing project and lampooning Health Secretary Jeremy Hunt.

Sir David Nicholson was forced to say sorry to a senior colleague portrayed as Hitler in the latest of a long history of internet parodies based on a scene from the movie Downfall.

"Sorry this is what happens when you give an old bloke with an over developed sense of humour new tech," he told Tim Kelsey, national director for patients and information.

"You're doing a great job X", he added on Twitter, where he had earlier created a significant stir by posting a link to the clip - subsequently deleted from his account.

Titled "Tim Kelsey discovers that care.data is in trouble", the video has had more than 3,000 hits since it was posted to YouTube earlier this week.

In it, the subtitled words of the actor playing Hitler - identified as Mr Kelsey - state that the project has "always been about making money".

"Who cares about ordinary people, they never understand things," it shows him saying.

"They don't have my vision for a better world"

It attacks "scaremongering" data privacy campaigners and has him saying: "People didn't care when we sold off their NHS, they barely blinked"

At one point he is shown suggesting everything is OK because "Jeremy Hunt is right behind us".

But he is then told: "Jeremy Hunt is hiding behind a tree. The Government is saying nothing. They are all hiding behind trees."

Responding on the social media site, Mr Kelsey said: "My view on the YouTube film: funny but we risk underestimating how important data-sharing is for the NHS. Hitler was not a joke."

16-18 May 20148th NatCAM 2014
The 8th NatCAM 2014 from 16 to 18 May 2014 was organized by the Addition Medicine Association of Malaysia and co-hosted by the FPMPAM at the Pullman Hotel, Kuala Lumpur. Continue >>.

8 May 2014Citizen’s Action in Response to Emergencies (CARE) Interview with RTM
On 8 May, Dr Steven Chow and CARE trainers from our partner St John’s Ambulance, Malaysia (SJAM) presented to RTM on the importance of AEDs for saving lives in the event of a cardiac arrest. Continue >>